HornetSecurity 365 Total Protection review: Keeping email squeaky clean

Tough email protection for Microsoft 365 that’s simple to deploy, easy to manage and very affordable

Editor's Choice
HornetSecurity 365 Total Protection screenshot
Price
2 exc VAT, per user per month
  • Very good value
  • Swift on-boarding
  • Sophisticated email security features
  • Excellent reporting services
  • Nothing noteworthy

Microsoft 365 is the dominant cloud email and collaboration service, and the recent rapid move to hybrid and home working has increased its usage enormously. Unfortunately, this popularity has a downside:  although Microsoft does provide built-in email security features, they are comparatively basic, making the platform a juicy target for cybercriminals.

It isn’t advisable to rely only on your cloud provider for security either, as businesses are ultimately responsible for the safety of their own data. So it makes sense to adopt a defence-in-depth strategy, and HornetSecurity 365 Total Security is one provider that aims to offer complete email security solution.

HornetSecurity 365 Total Protection: Features and on-boarding

HornetSecurity offers two packages: the Business option costs €2 per user per month and provides essential security services, such as spam and malware protection, content controls, compliance filters and live tracking of email, while the Enterprise package increases monthly costs per user to €4 but enables a heap of compliance features. In particular, while Microsoft 365 isn’t great at email archiving, HornetSecurity improves matters enormously with legally compliant real-time archiving, fast eDiscovery services, a whopping 10-year maximum retention period and unlimited archive space for each user.

Encryption comes as standard with both packages, with support for global S/MIME and PGP. Businesses working with partners that don’t normally use encryption will also appreciate the WebSafe service, which allows users to send encrypted emails that can be safely opened using a web browser.

Setup is fast too. HornetSecurity claims a 30-second on-boarding process, and we found this to be quite feasible. You simply need to change your domain MX records, go to the registration link provided, input your credentials and leave the automated setup routine to create the required connectors to route your inbound and outbound mail through the HornetSecurity servers. 

HornetSecurity 365 Total Protection review: Instant protection 

Full spam and malware protection starts immediately. The service is enabled by default, and the only options available are to decide whether dodgy messages should be quarantined or tagged for onward processing. The "infomail" filter uses over 15,000 heuristics to weed out nuisances such as newsletters or mass marketing campaigns, and this can be globally disabled or set so users can decide whether they want to use it.

The administrative cloud portal is easy to navigate, opening with a live email-tracking view which is far more informative than the Microsoft 365 reporting service. It shows all email activity for the selected period and assigns a colour code to each message to denote whether it has been classified as clean, spam or infomail, whether it contains malicious content or an infected attachment, or whether it has been rejected by custom filters.

HornetSecurity 365 Total Protection screenshot

You can drill down to find certain types of message by applying filters such as direction, delivery status or size; selecting the colour legend icons at the top instantly changes the view so you only see emails with those classifications. Any individual email can be inspected by selecting its icon, which opens a menu for viewing the header and content, releasing it, adding the sender to deny or allow lists and reporting it as spam.

Users can take advantage of the self-service features by logging in to a personal portal with their Microsoft 365 credentials, reviewing emails and releasing them if permitted. Along with graphical reports of mail activity in their portal, quarantine reports can be emailed out at regular intervals and show all spam activity plus quarantined attachments with quick links to review and deliver them.

HornetSecurity 365 Total Protection review: Security settings

The portal’s security settings page provides a single point for configuring all the HornetSecurity services. Both packages provide content control, which can remove attachments that are encrypted or contain executables and block Word, Excel and PowerPoint attachments with macros.

You can supplement this with custom lists of forbidden attachment file types, or restrict emails to a maximum size, and separate settings can be applied for inbound and outbound mail flows.

There's also a compliance filter, which uses inbound and outbound rules to look for specific keywords in messages, and reject them if found. Simple rules look for keywords in the message header or body, while advanced rules can be applied to senders, recipients, IP addresses, hostnames and attachments.

We tested this with an outbound rule and found it worked exactly as promised: any messages sent by our users that contained our keyword in the subject line showed as rejected in the live mail tracking screen. The senders meanwhile received a message stating that the recipient’s mail domain had rejected the message as spam, with no indication that HornetSecurity was working behind the scenes. 

HornetSecurity 365 Total Protection review: Advanced features

The ATP (advanced threat protection) service in the enterprise package uses multiple methods to combat emails containing malicious URLs, content or attachments, along with spear phishing attacks.

For one, web links are automatically rewritten using a secure proxy to see what they connect to and scan for potential threats. When our users clicked on web links in our test emails, a browser opened with a stripped-down view of the web site: clicking on a link at the top allowed the site to be checked by the ATP scanner before the full web site was presented.

Then there's the ATP sandbox, a secure virtual environment where HornetSecurity opens suspect emails, checks their contents and sends back forensic reports including PCAP traffic dumps and screenshots. The targeted forensics filter protects against spear phishing by analysing message contents to determine intent and spot spoofed addresses.

Businesses caught out by 2020s four-hour Microsoft 365 outage will also find the enterprise continuity service of great interest. It’s enabled in the portal for entire domains or specific users, and kicks in when normal services go down; during these times, HornetSecurity routes all mail through its own emergency servers, retains copies for up to three months and automatically merges them back when services return.

HornetSecurity 365 Total Protection review: Verdict

We tested 365 Total Protection for nearly a month, and during this time absolutely nothing slipped past its mail defences. That's a very impressive performance, and it’s easy to deploy and manage too, with plenty of options for customisation. It's a true enterprise-class email protection service at a price SMBs can afford.

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Russia's "politically motivated" REvil raid could be used as leverage, experts warn
ransomware

Russia's "politically motivated" REvil raid could be used as leverage, experts warn

17 Jan 2022
Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp
phishing

Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp

21 Dec 2021
Five things to consider before choosing an MFA solution
Security

Five things to consider before choosing an MFA solution

17 Dec 2021
Australia and US sign CLOUD Act data-sharing deal to support criminal investigations
cyber crime

Australia and US sign CLOUD Act data-sharing deal to support criminal investigations

16 Dec 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022